﻿using System;
using System.Data.SqlClient;

namespace BwanaBank.BankOnline.WinUI.Window
{
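    /// <summary>
    /// Code-behind for the login page. Redirects visitors that already carry a
    /// "customer"/"admin" marker and checks submitted credentials against the
    /// [User] table.
    /// </summary>
    public partial class Login : System.Web.UI.Page
    {
        /// <summary>
        /// Sends a visitor that already has a "customer" or "admin" cookie or session
        /// entry to the matching area instead of showing the login form.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // NOTE(review): only the presence of the cookie is tested here, and Button_Login
            // stores the plain customer number in it. A cookie is client-controlled, so the
            // protected pages must not treat it as proof of identity or role; a signed,
            // server-issued ticket (e.g. Forms Authentication) or a server-side session
            // lookup is needed. Changing that affects pages outside this file, so it is
            // only flagged here.
            if (Request.Cookies["customer"] != null || Session["customer"] != null)
            {
                Response.Redirect("~/Customer/");
            }
            else if (Request.Cookies["admin"] != null || Session["admin"] != null)
            {
                Response.Redirect("~/Admin/");
            }
        }

        /// <summary>
        /// Validates the submitted customer number and password, records the login in
        /// cookies ("remember me") or in the session, and redirects to the admin or
        /// customer area depending on the account's <c>idType</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button_Login(object sender, EventArgs e)
        {
            if (!IsValid)
            {
                return;
            }

            int userType;
            string displayName;

            // NOTE(review): the server name is hard-coded; moving the connection string to
            // configuration would keep environment details out of source.
            // The using blocks release the connection, command and reader on every path,
            // including the failed-login return below.
            using (var cn = new SqlConnection(
                @"Data Source=PAR-ROBHED-001\SQLEXPRESS;Initial Catalog=BWANABANK;Integrated Security=True"))
            // The user-supplied values are bound as parameters rather than concatenated
            // into the statement, so they can no longer change the query's structure
            // (SQL injection). Only the columns read below are selected, which also
            // keeps the password column out of the result set.
            using (var cmd = new SqlCommand(
                "SELECT idType, lastName, firstName FROM [User] " +
                "WHERE customerNum=@customerNum AND password=@password", cn))
            {
                cmd.Parameters.AddWithValue("@customerNum", UserName.Text);
                // NOTE(review): the submitted password is compared directly with the stored
                // column, which implies passwords are stored unhashed. Storing a salted
                // PBKDF2/Argon2 hash and verifying it in code needs a schema change and is
                // therefore only flagged here.
                cmd.Parameters.AddWithValue("@password", Password.Text);

                cn.Open();
                using (var dtr = cmd.ExecuteReader())
                {
                    if (!dtr.Read())
                    {
                        ErrorLabel.Text = "<ul><li>Le numéro client ou le code secret n'ont pas été reconnus.</li></ul>";
                        return;
                    }

                    // Copy what is needed so the reader and connection are closed
                    // before any redirect ends the request.
                    userType = (int)dtr["idType"];
                    displayName = dtr["lastName"] + " " + dtr["firstName"];
                }
            }

            // idType 1 is routed to the admin area; every other value to the customer area.
            var isAdmin = userType == 1;
            var roleKey = isAdmin ? "admin" : "customer";
            var landingPage = isAdmin ? "~/Admin/" : "~/Customer/";

            // The leftover debug Response.Write of the checkbox state was removed; every
            // path below redirects, so it never produced useful output.
            if (RememberMe.Checked)
            {
                // NOTE(review): these cookies carry the display name and the raw customer
                // number for 7 days without HttpOnly/Secure, and their value is forgeable;
                // see the note in Page_Load.
                var expires = DateTime.Now.AddDays(7);
                Response.Cookies["userName"].Value = displayName;
                Response.Cookies["userName"].Expires = expires;
                Response.Cookies[roleKey].Value = UserName.Text;
                Response.Cookies[roleKey].Expires = expires;
            }
            else
            {
                Session["userName"] = displayName;
                Session[roleKey] = UserName.Text;
            }

            Response.Redirect(landingPage);
        }
    }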
}